Allow MFA support for user affinity MacOS DEP devices
Add support for MFA for MacOS DEP devices with User Affinity.

9 comments
-
Salih Zengin commented
I wrote this also here https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/39176923-support-multi-factor-authentication-when-enrolling.
I can’t understand the reason to make it possible to have a web sign in.
Even for mosyle it is possible. This vendor costs only $1 per device and can handle this modern authentification and Intune with Microsoft cannot do this. Really strange. -
Josh Highet commented
3 votes in, Disappointing we're still having to find alternatives to a feature other providers embraced years ago.
-
Anonymous commented
This is a must have feature. It is not a very good solution from MS support to just say: Turn of MFA
-
John commented
Currently assessing a number of MDM's to manage our large Mac estate. Intune not supporting MFA auth at setup for user affinity DEP devices would make us look elsewhere. Especially since user affinity is required to make use of the Company Portal app. Please add this capability.
-
Steven commented
Please! Atleast document and fix the ability for us to disable MFA for intune enrollment through conditional access.
-
Daniel Fuentes commented
MFA Support with a Cloud IdP during Automated Enrollment was added with macOS Catalina... Big Sur is expanding on this and it's still impossible so DEP Enroll a device with User Affinity with Intune... +3 votes... this has to happen ASAP.
-
Ryan commented
Adding 3 votes to this as it's a pressing issue for us. We need to support macOS, but all our Macs are in ADE and we use MFA. Intune support said this is in preview, but there's no ETA for it to be supported. Please give us an update on this.
-
Anonymous commented
The Setup Assistant is able to use modern authentication. Other MDM providers have it, it's pretty much just Intune not supporting this.
-
Anonymous commented
I suspect this might need to be taken up with Apple as the OOBE 'setup assistant' would need to incorporate libraries to support modern authentication.
Have you tested by excluding 'Intune Enrolment' via conditional access policies ?
Can't get mine to work just yet ...